{% extends "base.html" %}
{% load static %}
{% load humanize %}
{% load opencve_extras %}

{% block title %}{{ cve.cve_id }} - Vulnerability Details - OpenCVE{% endblock %}

{% block meta_description %}{{ cve.description }}{% endblock %}

{% block navbar_title%}{{ cve.cve_id }}{% if cve.title %}<small><i> - {{ cve.title }}</i></small>{% endif %}{% endblock %}

{% block content %}

<section class="content">
    <div class="row">
        <div class="col-md-9">
            <div class="box box-primary">
                <div class="box-body">
                    {{ cve.description }}
                </div>
            </div>

            {% include "cves/metrics/base.html" %}

            {% include "cves/_configurations.html" %}

            {% include "cves/_references.html" %}

            <div class="box box-primary">
                <div class="box-header">
                    <div class="box-title">History</div>
                    <div class="box-tools pull-right">
                        <button type="button" class="btn btn-box-tool" data-widget="collapse"><iclass="fa fa-minus"></i></button>
                    </div>
                </div>

                {% if cve.kb_json.opencve.changes %}
                <div class="box-body">
                    <div class="row">
                        <div class="col-md-12">
                            {% for change in cve.kb_json.opencve.changes reversed %}
                            <p class="report-change-title"><i class="fa fa-clock-o"></i> {{ change.created|convert_str_date|date:"r" }}</p>
                            <div class="table-responsive">
                                <table class="table table-bordered table-striped">
                                    <thead>
                                        <th>Type</th>
                                        <th>Values Removed</th>
                                        <th>Values Added</th>
                                    </thead>
                                    <tbody>

                                    {% for event in change.data %}
                                        {% with template_name="changes/change_"|add:event.type|add:".html" %}
                                        {% include template_name %}
                                        {% endwith %}
                                    {% endfor %}
                                    </tbody>
                                </table>
                            </div>
                            <hr />
                            {% endfor %}
                        </div>
                    </div>
                </div>
                {% else %}
                <div class="box-body">
                    <p class="alert alert-info">No history.</p>
                </div>
                {% endif %}
            </div>
        </div>

        <div class="col-md-3">
            <div class="box box-primary">
                <div class="box-header">
                    <div class="box-title">
                        <img src="{% static 'img/cve-icon.png' %}" class="provider-icon" alt="cve-icon" />
                        MITRE
                    </div>
                    {% if cve.mitre_json %}
                    <div class="box-tools pull-right">
                        <div class="btn-group" data-toggle="btn-toggle">
                            <button type="button" class="btn btn-default btn-sm" data-toggle="modal" data-target="#modal-mitre-json"><i class="fa fa-code"></i></button>
                        </div>
                    </div>
                    {% endif %}
                </div>
                {% if cve.mitre_json %}
                <div class="box-body">
                    <p><strong>Status:</strong> {{ cve.mitre_json.cveMetadata.state }}</p>
                    <p><strong>Assigner:</strong> {{ cve.mitre_json.cveMetadata.assignerShortName }}</p>
                    <p><strong>Published:</strong>
                        {% if cve.mitre_json.cveMetadata.datePublished %}
                        <time datetime="{{ cve.mitre_json.cveMetadata.datePublished|convert_str_date|date:'Y-m-d\TH:i:s' }}">
                            {{ cve.mitre_json.cveMetadata.datePublished }}
                        </time>
                        {% else %}
                        No published date
                        {% endif %}
                    </p>
                    <p><strong>Updated:</strong> {{ cve.mitre_json.cveMetadata.dateUpdated }}</p>
                    <p><strong>Reserved:</strong> {{ cve.mitre_json.cveMetadata.dateReserved }}</p>
                    <p><strong>Link:</strong> <a href="https://www.cve.org/CVERecord?id={{ cve.cve_id }}" target="_blank">{{ cve.cve_id }} <i class="fa fa-external-link"></i></a></p>
                </div>
                {% else %}
                <div class="box-body">
                    <p class="alert alert-info">No data.</p>
                </div>
                {% endif %}
            </div>

            <div class="box box-primary">
                <div class="box-header">
                    <div class="box-title">
                        <img src="{% static 'img/cisa-icon.png' %}" class="provider-icon" style="width: 28px;" alt="cve-icon" />
                        Vulnrichment
                    </div>
                    {% if cve.vulnrichment_json %}
                    <div class="box-tools pull-right">
                        <div class="btn-group" data-toggle="btn-toggle">
                            <button type="button" class="btn btn-default btn-sm" data-toggle="modal" data-target="#modal-vulnrichment-json"><i class="fa fa-code"></i></button>
                        </div>
                    </div>
                    {% endif %}
                </div>
                {% if cve.vulnrichment_json %}
                <div class="box-body">
                    <p><strong>Updated:</strong> {{ cve.vulnrichment_json.containers.adp.0.providerMetadata.dateUpdated }}</p>
                </div>
                {% else %}
                <div class="box-body">
                    <p class="alert alert-info">No data.</p>
                </div>
                {% endif %}
            </div>

            <div class="box box-primary">
                <div class="box-header">
                    <div class="box-title">
                        <img src="{% static 'img/nvd-icon.png' %}" class="provider-icon" alt="cve-icon" />
                        NVD
                    </div>
                    {% if cve.nvd_json %}
                    <div class="box-tools pull-right">
                        <div class="btn-group" data-toggle="btn-toggle">
                            <button type="button" class="btn btn-default btn-sm" data-toggle="modal" data-target="#modal-nvd-json"><i class="fa fa-code"></i></button>
                        </div>
                    </div>
                    {% endif %}
                </div>
                {% if cve.nvd_json %}
                <div class="box-body">
                    <p><strong>Status :</strong> {{ cve.nvd_json.vulnStatus }}</p>
                    <p><strong>Published:</strong> {{ cve.nvd_json.published }}</p>
                    <p><strong>Modified:</strong> {{ cve.nvd_json.lastModified }}</p>
                    <p><strong>Link:</strong> <a href="https://nvd.nist.gov/vuln/detail/{{ cve.cve_id }}" target="_blank">{{ cve.cve_id }} <i class="fa fa-external-link"></i></a></p>
                </div>
                {% else %}
                <div class="box-body">
                    <p class="alert alert-info">No data.</p>
                </div>
                {% endif %}
            </div>

            <div class="box box-primary">
                <div class="box-header">
                    <div class="box-title">
                        <img src="{% static 'img/redhat-icon.png' %}" class="provider-icon" style="width: 28px;" alt="cve-icon" />
                        Redhat
                    </div>
                    {% if cve.redhat_json %}
                    <div class="box-tools pull-right">
                        <div class="btn-group" data-toggle="btn-toggle">
                            <button type="button" class="btn btn-default btn-sm" data-toggle="modal" data-target="#modal-redhat-json"><i class="fa fa-code"></i></button>
                        </div>
                    </div>
                    {% endif %}
                </div>
                {% if cve.redhat_json %}
                <div class="box-body">
                    <p><strong>Severity :</strong> {{ cve.redhat_json.threat_severity }}</p>
                    <p><strong>Publid Date:</strong> {{ cve.redhat_json.public_date }}</p>
                    <p><strong>Links:</strong> <a href="https://access.redhat.com/security/cve/{{ cve.cve_id }}" target="_blank">{{ cve.cve_id }} <i class="fa fa-external-link"></i></a> - <a href="{{ cve.redhat_json.bugzilla.url }}" target="_blank">Bugzilla <i class="fa fa-bug"></i></a></p>
                </div>
                {% else %}
                <div class="box-body">
                    <p class="alert alert-info">No data.</p>
                </div>
                {% endif %}
            </div>

            {% if user.is_authenticated %}
            <div class="box box-primary">
                <div class="box-header with-border">
                    <h3 class="box-title">Tags</h3>
                    <div class="box-tools pull-right">
                        <button type="button" class="btn btn-box-tool" data-toggle="modal" data-target="#modal-tags"><i class="fa fa-edit"></i></button>
                    </div>
                </div>
                <div class="box-body">
                    {% if tags %}
                    {% for tag in tags %}
                    <a href="{% url 'cves' %}?tag={{ tag.name }}" data-toggle="tooltip" data-container="body" title="{{ tag.description }}">
                        <span class="label label-tag" style="background-color: {{ tag.color }};">{{ tag.name }}</span>
                    </a>
                    {% endfor %}
                    {% else %}
                    <p class="alert alert-info">No tag.</p>
                    {% endif %}
                </div>
            </div>

            <div class="box box-primary">
                <div class="box-header">
                    <div class="box-title">Weaknesses</div>
                </div>
                <div class="box-body">
                    {% if weaknesses %}
                        <ul>
                        {% for cwe_id, name in weaknesses.items %}
                        <li>
                            <a href="{% url 'cves' %}?weakness={{ cwe_id }}">{{ cwe_id }}</a>
                            {% if name %}<p class="cwe-name">{{ name }}</p>{% endif %}
                        </li>
                        {% endfor %}
                        </ul>
                    {% else %}
                    <p class="alert alert-info">No weakness.</p>
                    {% endif %}
                </div>
            </div>
            {% endif %}

        </div>
    </div>

</section>

<div class="modal fade" id="modal-mitre-json">
    <div class="modal-dialog modal-lg">
        <div class="modal-content">
            <div class="modal-header">
                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                    <span aria-hidden="true">&times;</span></button>
                <h4 class="modal-title">JSON object</h4>
            </div>
            <div class="modal-body codejson">
                {{ mitre_json }}
            </div>
            <div class="modal-footer">
                <button type="button" class="btn btn-default pull-right" data-dismiss="modal">Close</button>
            </div>
        </div>
    </div>
</div>

<div class="modal fade" id="modal-vulnrichment-json">
    <div class="modal-dialog modal-lg">
        <div class="modal-content">
            <div class="modal-header">
                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                    <span aria-hidden="true">&times;</span></button>
                <h4 class="modal-title">JSON object</h4>
            </div>
            <div class="modal-body codejson">
                {{ vulnrichment_json }}
            </div>
            <div class="modal-footer">
                <button type="button" class="btn btn-default pull-right" data-dismiss="modal">Close</button>
            </div>
        </div>
    </div>
</div>

<div class="modal fade" id="modal-nvd-json">
    <div class="modal-dialog modal-lg">
        <div class="modal-content">
            <div class="modal-header">
                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                    <span aria-hidden="true">&times;</span></button>
                <h4 class="modal-title">JSON object</h4>
            </div>
            <div class="modal-body codejson">
                {{ nvd_json }}
            </div>
            <div class="modal-footer">
                <button type="button" class="btn btn-default pull-right" data-dismiss="modal">Close</button>
            </div>
        </div>
    </div>
</div>

<div class="modal fade" id="modal-redhat-json">
    <div class="modal-dialog modal-lg">
        <div class="modal-content">
            <div class="modal-header">
                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                    <span aria-hidden="true">&times;</span></button>
                <h4 class="modal-title">JSON object</h4>
            </div>
            <div class="modal-body codejson">
                {{ redhat_json }}
            </div>
            <div class="modal-footer">
                <button type="button" class="btn btn-default pull-right" data-dismiss="modal">Close</button>
            </div>
        </div>
    </div>
</div>


{% if user.is_authenticated %}
<div class="modal fade" id="modal-tags">
    <div class="modal-dialog">
      <div class="modal-content">
        <form action="{% url 'cve' cve_id=cve.cve_id %}" method="POST">
            {% csrf_token %}
            <div class="modal-header">
            <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                <span aria-hidden="true">&times;</span></button>
            <h4 class="modal-title">Attach tags to <code>{{ cve.cve_id }}</code></h4>
            </div>
            <div class="modal-body">
                <div class="form-group">
                    <label>Select your tags</label>
                    <select class="form-control select2" id="select2-tags" multiple="multiple" data-placeholder="Select a tag"
                            style="width: 100%;" data-values='{{ cve_tags_encoded }}' name="tags">
                        {% for tag in user_tags %}
                        <option>{{ tag }}</option>
                        {% endfor %}
                    </select>
                </div>
            </div>
            <div class="modal-footer">
                <button type="button" class="btn btn-default pull-left" data-dismiss="modal">Close</button>
                <a class="btn btn-default pull-left" href="{% url 'tags' %}">Manage your tags</a>
                <button type="submit" class="btn btn-primary">Update associated tags</button>
            </div>
        </form>
      </div>
    </div>
</div>
{% endif %}


{% endblock %}
